[messaging] EFF Secure Messaging Scorecard
Tao Effect
contact at taoeffect.com
Wed Nov 5 21:08:31 PST 2014
On Nov 5, 2014, at 9:00 PM, Joseph Bonneau <jbonneau at gmail.com> wrote:
> Cloud backups can defeat this but we decided to consider this a separate problem-any tool can be defeated if you backup the plaintext somewhere in the cloud. If you think this is a bad feature encourage users to to disable it.
OK, but since it is enabled by default (an opt-out rather than an opt-in, if my memory serves me correctly), shouldn't that checkbox be taken away from Apple, or at the very least, have some type of asterisk next to it?
As-is, people will walk away with an incorrect understanding of the security of Apple's iMessages. I assume it is not EFF's intent to mislead people.
> Apple's encryption is end-to-end.
What definition of end-to-end are you using? Apple is capable of decrypting iMessages sent between users [1], so sorry, but I don't see how that is end-to-end.
https://moderncrypto.org/mail-archive/messaging/2014/001065.html
Kind regards,
Greg Slepak
--
Please do not email me anything that you are not comfortable also sharing with the NSA.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://moderncrypto.org/mail-archive/messaging/attachments/20141105/3d93e037/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 841 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://moderncrypto.org/mail-archive/messaging/attachments/20141105/3d93e037/attachment.sig>
More information about the Messaging
mailing list